package com.alvin.demo.web;

import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
@RequestMapping("/product")
public class ProductController {

    @Secured("ROLE_PRODUCT")
//    @PreAuthorize("hasRole('ROLE_PRODUCT')")
    @GetMapping("/findAll")
    @ResponseBody
    public String findAll(){
        return "product-list";
    }

    @Secured("ROLE_USER")
//    @PreAuthorize("hasRole('ROLE_USER')")
    @GetMapping("/test")
    @ResponseBody
    public String test(){
        return "test";
    }

}
